Profile Applicability:
• Level 1
Description:
rsyslog is a powerful syslog daemon that provides system logging capabilities for Linux systems. Ensuring it is installed is critical for centralized logging, monitoring, and auditing purposes.
Rationale:
Having a reliable syslog service like rsyslog enables effective collection and management of system and application logs, supporting security monitoring and compliance.
Impact:
Pros:
Facilitates centralized logging and audit trail creation.
Supports real-time log analysis and alerting.
Cons:
Installation alone does not configure logging policies.
Default Value:
rsyslog may not be installed by default on minimal or custom Linux installations.
Pre-requisites:
Root or sudo privileges to install packages.
Remediation:
Test Plan:
Using Linux command line:
Check if rsyslog is installed:
On RPM-based systems:
rpm -q rsyslog
Confirm package installation status.
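The check above wrapped into a reusable audit function, as an added example that is not part of the benchmark text. The function name, the 0/1/2 return codes and the informational service-state line are assumptions of this example; the service-state line goes beyond the package check because installation alone does not start or configure logging.

```sh
#!/bin/sh
# Added example: audit for the "rsyslog is installed" check on RPM-based systems.
# Return codes (chosen for this example): 0 = PASS, 1 = FAIL, 2 = not applicable.

audit_rsyslog_installed() {
    # The page's check relies on rpm; without it the result is "not applicable"
    # rather than a false FAIL on a non-RPM host.
    if ! command -v rpm >/dev/null 2>&1; then
        echo "N/A: rpm not found; this check covers RPM-based systems only"
        return 2
    fi

    # rpm -q exits 0 and prints name-version-release.arch when the package is
    # installed, and exits non-zero when it is not.
    if pkg=$(rpm -q rsyslog 2>/dev/null); then
        echo "PASS: $pkg is installed"
    else
        echo "FAIL: rsyslog is not installed (remediate: yum install rsyslog -y)"
        return 1
    fi

    # Informational only: an installed package may still be disabled or stopped.
    # systemctl prints the state and exits non-zero for "disabled"/"inactive",
    # so keep the printed state and fall back to "unknown" only if it is empty.
    if command -v systemctl >/dev/null 2>&1; then
        enabled=$(systemctl is-enabled rsyslog 2>/dev/null) || enabled=${enabled:-unknown}
        active=$(systemctl is-active rsyslog 2>/dev/null) || active=${active:-unknown}
        echo "INFO: rsyslog service enabled=$enabled active=$active"
    fi
    return 0
}

# Run the audit only when asked, so the file can also be sourced by other scripts.
if [ "${1:-}" = "--run" ]; then
    audit_rsyslog_installed
    exit $?
fi
```

Run it with `sh audit_rsyslog.sh --run` (the file name is hypothetical) and use the exit status in a compliance job.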
Implementation Plan:
Using Linux command line:
1. Install rsyslog if missing:
On RPM-based systems:
yum install rsyslog -y
2. Verify installation:
rsyslogd -version
Backout Plan:
Using Linux command line:
Remove rsyslog if necessary:
On RPM-based systems:
yum remove rsyslog -y
Confirm removal.
References:
CIS Amazon Linux 2 Benchmark v3.0.0
rsyslog Documentation